[Freeipa-users] How to set passwords which never expire ?
Martin Kosek
mkosek at redhat.com
Mon Apr 18 10:23:10 UTC 2016
On 04/12/2016 02:10 PM, dbischof at hrz.uni-kassel.de wrote:
> Hi,
>
> On Tue, 12 Apr 2016, bahan w wrote:
>
>> I am using FreeIPA 3.0 and I would like, for specific accounts, to set
>> passwords unexpirables.
>>
>> I tried to set a pwpolicy for this with the option maxage set to 0, but it
>> did not help and the maxage was 0 (password already expired).
>>
>> Is there a way, with this Ipa version, to set passwords unexpirables ?
>
> it is possible to create a password policy (tab "Policy" in the web interface)
> for a user group of your choice and change the password max lifetime to (e.g.)
> 3650 days = 10 years. That's not exactly "never expiring", but it does the
> trick for me (I use it for LDAP bind users).
Right, this will work as long as the expiration does not go over year 2038:
https://fedorahosted.org/freeipa/ticket/2496
This is the proper RFE to make "0" work:
https://fedorahosted.org/freeipa/ticket/2795
You can add yourself to CC to receive updates on it, it is now scheduled for
the next feature release.
Martin
More information about the Freeipa-users
mailing list